<html><body>COVID-19 scams target PCs, phones<BR>
<BR>
COVID-19 scams target PCs, phones<BR>
<BR>
<BR>
<BR>
By Marc Saltzman, Special to USA TODAY<BR>
<BR>
Cybercriminals are looking to profit from pandemic fears - using concerns about a human-transmitted virus to spread computer viruses, if you will - with a fresh crop of malicious software and scams.<BR>
<BR>
One of the first attacks in mid-March arrived in the form of an email message from what appeared to be the World Health Organization, suggesting you read an attachment with official information on how to protect yourself from the coronavirus.<BR>
<BR>
Clicking the file from this impersonator, however, downloaded a hidden installer to your computer that let cybercriminals have access to your data lifted from your keystrokes. The email phishing campaign is one of several coronavirus-related scams detailed recently by security firm Malwarebytes.<BR>
<BR>
Subsequently, the proverbial floodgates opened, with several fresh attempts launched at defrauding Americans. This includes phishing scams, where an email tries to lure you to a legitimate-looking site that asks you to login to view safety information provided by United Nations officials or doctors from the Centers for Disease Control and Prevention (CDC). It's phony, of course, and could lead to identity theft if you input the information requested.<BR>
<BR>
There is also coronavirus-related "ransomware" that locks computer files until the victim pays the thieves to release them.<BR>
<BR>
The Justice Department recently filed a complaint against an Austin, Texas-based website claiming to offer WHO vaccine kits for $4.95 in shipping costs charged to their credit card. As of now, there are no legitimate COVID-19 vaccines, the DOJ noted.<BR>
<BR>
Another scam looks like it's from Amazon and asks you to sign into your account to get a free bottle of hand sanitizer with your next purchase. Of course, it's also a fake.<BR>
<BR>
On a related note, Amazon has also removed over a million products from its marketplace from those who either priced the items unfairly or made false claims.<BR>
<BR>
COVID-19 scams target smartphones<BR>
<BR>
Some COVID-19-related threats specifically target your mobile phone, too.<BR>
<BR>
Malicious text messages are circulating, many of which are promising to track the spread of coronavirus in real time, so you can be alerted when it's growing in your community. But the Android app you're linked to, if downloaded, can listen to you through your microphone, watch you through your smartphone camera and comb through your messages.<BR>
(Cybersecurity experts say this new threat is a customized version of freely available spyware called SpyMax.)<BR>
<BR>
Other text messages claim to link you to free masks from the Red Cross or a $1,000 bank deposit by the federal government to help you during this crisis.<BR>
<BR>
In other words, fraudsters and hackers are pulling out all the stops to defraud you. The Federal Trade Commission just published a list of additional scams and related threats, all tied to COVID-19.<BR>
<BR>
Tips to counteract coronavirus cons<BR>
<BR>
You don't need a degree in computer science to reduce the odds of falling victim to a cyberattack or phishing scam tied to coronavirus, or otherwise.<BR>
<BR>
Here's some suggestions to escalate your security savviness:<BR>
<BR>
Think before you click.Never open an attachment or click on a link from senders you don't recognize. Even if you think you know the sender, if it seems odd they'd send you information like this, contact them (in another way) to confirm it's the real deal (take note of new Facebook Messenger scams that look like they're from friends).<BR>
<BR>
Verify the source. If you get an email, text or phone call that asks you to urgently confirm your personal or financial information, it's fake. The IRS or your bank will never ask for sensitive information in this way. When in doubt, call the organization to ask if it was them (chances are, it won't be). Forward all suspicious emails directly to your local and federal government, at sites such as <a href="http://usa.gov/stop-scams-frauds" target="_blank">http://usa.gov/stop-scams-frauds</a>. AG Barr also asked the public to report<BR>
COVID-19 fraud to the National Center for Disaster Fraud at disaster@leo.gov.<BR>
<BR>
Watch out for others. Warn your loved ones - especially those less tech-savvy or the elderly - about the increased likelihood of scammers trying to defraud through email, text message, social media or even a phone call.<BR>
<BR>
Practice password safety. Create long and complicated passwords (or passphrases), don't use the same ones for all your online activity and change them every month or two. You can use a trusted password manager app like Dashlane or LastPass.<BR>
<BR>
Play defense. Install good cybersecurity software on all your devices and ensure you set to auto-update, in order to protect you from the latest malware and other threats. Free cybersecurity software is better than none at all, but it's prudent to invest in a reputable and comprehensive paid version of anti-malware software.<BR>
<BR>
A new device called HakTrap (costs start at $9.99 monthly with a<BR>
$49.99 startup fee) plugs into your modem and protects home networks from various online threats and hackers - especially ideal as many of us are now working from home. Designed by former U.S. government cybersecurity experts and brought to market in December 2019, HakTrap also protects smart home products like surveillance cameras and video doorbells, baby monitors and smart appliances.<BR>
<BR>
Be wise on Wi-Fi. Even though we're not going out much these days, don't use free public Wi-Fi as you're more at risk compared to browsing on a private wireless network at home (or turn your smartphone into a hotspot, as it's also more secure). Remain anonymous online by using a VPN (Virtual Private Network).<BR>
<BR>
Shop securely. Stick with reputable retailers when giving out your credit card info and look for indicators that the site is secure, such as a little lock icon on the browser's status bar or a URL for a website that begins with "https" (the "s" stands for "secure").<BR>
Regularly check your bank statements and credit card bill for anything suspicious charges.<BR>
<BR>
Have a backup plan. Finally, proactively back up your important information on a regular basis. That way, if you fall victim to a virus or ransomware and have trouble retrieving your information, it won't sting so much if you've already put your important files onto a USB stick or external hard drive, or uploaded them to a cloud service.<BR>
</body></html>